Beginning in 2017, all new Level 4 merchants were required to use only Payment Card Industry (PCI)-certified QIR solutions providers for POS application and terminal installation and integration.
As a member of the Retail Solution Provider Association (RSPA), we have access to legal documents and other security resource.
And while we hope that this never happens to anyone - the reality is that small businesses are primary targets for breaches and incidents are on the rise.
Below is a quick checklist provided by RSPA for reference if you feel your business has been compromised (step number one - avoid a breach!):
I recently returned from an industry conference and wanted to share some of what I learned.
The topic of security was on everyone’s mind and was a key area of discussion.
Here are the highlights from some of the speakers:
Former United States Most Wanted, Brett “GOllumfun” Johnson, referred to by the United States Secret Service as “The Original Internet Godfather”, spoke at the conference.
Quite honestly, I was horrified after he showed us how quickly and easily it was to create a new identity for less than $2.
There was also discussion around how the Point of Sale industry is now really the Retail and Hospitality IT services industry.
Over the next several months, we will be sharing the PCI Council's advice on How to Protect Your Business With These Security Basics.
This month's topic: Use Strong Passwords and Change Default Ones
According to the Council's Guide - About 80% of breaches involved guessed or stolen passwords!
Here is what they recommend:
CHANGE YOUR PASSWORDS REGULARLY. Treat your passwords like a toothbrush. Don’t let anyone else use them and get new ones every three months.
SEEK HELP. Ask your vendors or service providers about default passwords and how to change them. Then do it!
For more information on managing passwords, click here.
MAKE THEM HARD TO GUESS. The most common passwords are “password” and “123456.” Hackers try easily-guessed passwords because they’re used by half of all people. A strong password has seven or more characters and a combination of upper and lower case letters, numbers, and symbols (like !@#$&*). A phrase can also be a strong password (and may be easier to remember), like “B1gMac&frieS.”
To see how fast it takes to crack a password, click here.
DON’T SHARE. Insist on each employee having their own login IDs and passwords – never share!
Once a year, we travel to the Lower 48 to a conference called RetailNOW. We meet with point of sale companies just like Skurla’s and with the nation's leading vendors. It’s an amazing event that helps us find out what the future holds for the hospitality/retail industries, but it also provides us with a wealth of information on how we can better serve you. This year’s event was in Nashville and for us Alaskan’s, 90+ degree days are way too hot. But the knowledge we bring back makes it all worth while.
“Small businesses are particularly at risk from the costs and opportunity loss associated with a data breach. Implementing the guidance published by the PCI SSC Small Merchant Taskforce will help a small business improve its data security practices and reduce the risk of data theft.“ - Michael Christodoulides, Barclaycard, PCI Small Merchant Taskforce Co-Chair
Security risks are everywhere these days - everyone up and down the chain is affected. At Skurla's Point of Sale Solutions, we take security very seriously - and wanted to share some resources from the PCI Security Council.
But first, here are some frightening data points shared by the PCI Security Council:
- 71% of hackers attack businesses with under 100 employees (Verizon 2012)
- 60% of small businesses experienced a cyber breach (HM Government)
- $20,752 is the average cost to small businesses due to hacking (NSBA)
If this scares you too, keep reading below to learn more about how to protect your business -